When it comes to enterprise security, insider threats — whether malicious or inadvertent — must be top of mind. Most people envision intentional insider threats as disgruntled employees stealing data to sell for profit or corporate espionage. But, explains Jeff Nathan of Exabeam, there is a new, resource- and dollar-stealing risk on the block that companies should be on the lookout for: shadow mining.
IT and workforce digitization is not only changing businesses but whole industries — virtually overnight. Don Boxley, co-founder of DH2i, outlines the top two questions every IT and business professional tasked with digitization and/or data security should ask themselves in 2019, plus the two top questions to ask when investing in new technology solutions.
Last month’s World Backup Day was a great reminder for organizations about the critical urgency of preparing for business continuity in the face of increasing cyber-attacks and other types of file loss. Dena Bauckman of Zix shares her best practices for any organization, regardless of size, when it comes to developing a robust data backup and business continuity strategy.
Emails have long been the customary approach for delivering phishing scams, which have affected more than one-third of all organizations. However, as most organizations move toward improving their security, attackers are developing other methods that use more than just email. Atif Mushtaq, founder of SlashNext, explains the newer, short-lived tactics that are being used to target human weaknesses and exploit employee vulnerabilities.
Criminal hackers are using sophisticated methods and tools found on the dark web that allow them to keep ahead of the efforts to combat them. That in conjunction with the massive worldwide cybersecurity skills shortage means that fighting cybercrime is more and more difficult. Aidan McCauley, VP of Technology Investments at IDA Ireland, says that rather than separate nation- or company-led efforts, there's another approach that might deliver better results.
The theme of the vulnerability onslaught continues in 2019. And things are only getting more complex as we continue to write more lines of code to control all of the things we are connecting to the Internet. In this Experts Corner, Doug Mechaber gives some insight into these complexities as it relates to identifying and measuring vulnerability-driven risk.
Breaches aren’t easy to deal with, especially if you are of the opinion that companies are people, too. Having seen, been part of, and lent a shoulder to many a breach, Javvad Malik, Security Advocate at AlienVault, offers nine of the common (but not best!) ways that companies respond to breaches.
While multi-cloud is a smart decision, it's extremely hard to get right, and the added complexity of securing data makes it an even more daunting proposition. Mario Duarte explores the challenges in developing a multi-cloud strategy that accounts for security and reviews four recommendations to execute on your own secure multi-cloud strategy.
January 28 of every year is Data Privacy Day, where companies around the globe gear up for educating their employees on the importance of privacy and security. Jodie Daniels, Founder of Red Clover Advisors, suggests that we consider extending the knowledge and importance generated on this day into the other 364 days of the year.
The #CyberAvengers, a group of salty and experienced professionals, takes a brief look back at 2018 with its breaches of epic proportions. But rather than whine, moan and complain about the past — they suggest 5 things you can do in the next few weeks to have a safer cyber 2019.
The cost of data breaches is higher for small businesses than large enterprises. Not only do small businesses have to weather the initial expense of a data breach — an average of $120,000 per incident — they also have to recover from the massive reputation hit a data breach causes. Janice Miller of Safety Today outlines what SMB owners need to know.
When is the last time your company truly thought about the security of your network, devices and data? If this answer isn’t “yesterday” or “today,” then your agency, and the client data it is entrusted with, might be at risk. Dror Liwer, CISO of Coronet, outlines what agencies can do to get serious about cybersecurity.
Randy Bagwell interviews Ian Corey and Doug DePeppe of eosedge Legal about their view of 2019 as a “tipping point,” based on Malcolm Gladwell’s ideas in The Tipping Point: How Little Things Can Make a Big Difference, for behavioral change and enforcement of data protection duties based upon events and laws that emerged in 2018.
The Ancient Athenian Themistocles said: “He who controls the sea controls everything.” In today's world, the "sea" is the "communications sea" and the "communications sea" relies on anything and everything cyber. George Platsis of SDI Cyber lays out how somebody has been quietly dominating the communications sea and what the implications are for everybody — including who will rule this empire.
Local governments and small businesses are frequently being targeted by ransomware attacks. What makes these entities prime targets for malware and how can they avoid being an easy target? Cohesity CTO Steve Grewal suggests what government officials and business owners can do to avoid having their operations halted.
The fear-mongering of cybersecurity is ruining the industry, as emotions are being targeted rather rationality. Fear sells, after all. Nathan Burke of Axonius discusses the current state of the InfoSec industry and what the way forward is from here.
Too often, companies' security strategies revolve around minimizing reputational damage and achieving compliance. Javvad Malik, an award-winning information security consultant and security advocate at AlienVault, suggests that businesses need to take a more granular approach to focus on protecting employee and customer data instead.
Despite the common belief that mainframes are secure fortresses of data, it's much easier than businesses might think to access the mainframe by hacking an employee's mobile phone or other connected smart device. Ray Overby, President of Key Resources, Inc., lays out two new ways that cybercriminals can get into corporate networks through a personal IoT device.
As more people bring their own devices to work (BYOD), companies embracing blockchain can ensure that the infrastructure is secure and their employees are accommodated. Alistair Johnson, founder & CEO of Nuggets, explains how this new technology accommodates a fresh understanding of work and the technological peculiarities that come with it.
In the past, nation states such as North Korea and China had a very limited ability to respond to the U.S.’ military attacks or sanctions. But in today’s digital world, these countries use cyber-attacks to deter a sanction or get retribution. Wayne Lloyd, Federal CTO of RedSeal, provides a list of actions organizations can take to ensure good cyber hygiene and digital resilience to withstand a cyber event and/or recover quickly.